2 * Copyright (c) 2005, Junio C Hamano
6 * State diagram and cleanup
7 * -------------------------
9 * This module keeps track of all locked files in `lock_file_list` for
10 * use at cleanup. This list and the `lock_file` objects that comprise
11 * it must be kept in self-consistent states at all time, because the
12 * program can be interrupted any time by a signal, in which case the
13 * signal handler will walk through the list attempting to clean up
14 * any open lock files.
16 * The possible states of a `lock_file` object are as follows:
18 * - Uninitialized. In this state the object's `on_list` field must be
19 * zero but the rest of its contents need not be initialized. As
20 * soon as the object is used in any way, it is irrevocably
21 * registered in `lock_file_list`, and `on_list` is set.
23 * - Locked, lockfile open (after `hold_lock_file_for_update()`,
24 * `hold_lock_file_for_append()`, or `reopen_lock_file()`). In this
27 * - the lockfile exists
29 * - `filename` holds the filename of the lockfile
30 * - `fd` holds a file descriptor open for writing to the lockfile
31 * - `fp` holds a pointer to an open `FILE` object if and only if
32 * `fdopen_lock_file()` has been called on the object
33 * - `owner` holds the PID of the process that locked the file
35 * - Locked, lockfile closed (after successful `close_lock_file()`).
36 * Same as the previous state, except that the lockfile is closed
39 * - Unlocked (after `commit_lock_file()`, `commit_lock_file_to()`,
40 * `rollback_lock_file()`, a failed attempt to lock, or a failed
41 * `close_lock_file()`). In this state:
44 * - `filename` is empty (usually, though there are transitory
45 * states in which this condition doesn't hold). Client code should
46 * *not* rely on the filename being empty in this state.
48 * - the object is left registered in the `lock_file_list`, and
51 * A lockfile is owned by the process that created it. The `lock_file`
52 * has an `owner` field that records the owner's PID. This field is
53 * used to prevent a forked process from closing a lockfile created by
61 static struct lock_file
*volatile lock_file_list
;
63 static void remove_lock_files(int skip_fclose
)
67 while (lock_file_list
) {
68 if (lock_file_list
->owner
== me
) {
69 /* fclose() is not safe to call in a signal handler */
71 lock_file_list
->fp
= NULL
;
72 rollback_lock_file(lock_file_list
);
74 lock_file_list
= lock_file_list
->next
;
78 static void remove_lock_files_on_exit(void)
83 static void remove_lock_files_on_signal(int signo
)
91 * path = absolute or relative path name
93 * Remove the last path name element from path (leaving the preceding
94 * "/", if any). If path is empty or the root directory ("/"), set
95 * path to the empty string.
97 static void trim_last_path_component(struct strbuf
*path
)
101 /* back up past trailing slashes, if any */
102 while (i
&& path
->buf
[i
- 1] == '/')
106 * then go backwards until a slash, or the beginning of the
109 while (i
&& path
->buf
[i
- 1] != '/')
112 strbuf_setlen(path
, i
);
116 /* We allow "recursive" symbolic links. Only within reason, though */
120 * path contains a path that might be a symlink.
122 * If path is a symlink, attempt to overwrite it with a path to the
123 * real file or directory (which may or may not exist), following a
124 * chain of symlinks if necessary. Otherwise, leave path unmodified.
126 * This is a best-effort routine. If an error occurs, path will
127 * either be left unmodified or will name a different symlink in a
128 * symlink chain that started with the original path.
130 static void resolve_symlink(struct strbuf
*path
)
132 int depth
= MAXDEPTH
;
133 static struct strbuf link
= STRBUF_INIT
;
136 if (strbuf_readlink(&link
, path
->buf
, path
->len
) < 0)
139 if (is_absolute_path(link
.buf
))
140 /* absolute path simply replaces p */
144 * link is a relative path, so replace the
145 * last element of p with it.
147 trim_last_path_component(path
);
149 strbuf_addbuf(path
, &link
);
154 /* Make sure errno contains a meaningful value on error */
155 static int lock_file(struct lock_file
*lk
, const char *path
, int flags
)
157 size_t pathlen
= strlen(path
);
159 if (!lock_file_list
) {
160 /* One-time initialization */
161 sigchain_push_common(remove_lock_files_on_signal
);
162 atexit(remove_lock_files_on_exit
);
166 die("BUG: cannot lock_file(\"%s\") using active struct lock_file",
169 /* Initialize *lk and add it to lock_file_list: */
174 strbuf_init(&lk
->filename
, pathlen
+ LOCK_SUFFIX_LEN
);
175 lk
->next
= lock_file_list
;
178 } else if (lk
->filename
.len
) {
179 /* This shouldn't happen, but better safe than sorry. */
180 die("BUG: lock_file(\"%s\") called with improperly-reset lock_file object",
184 if (flags
& LOCK_NO_DEREF
) {
185 strbuf_add_absolute_path(&lk
->filename
, path
);
187 struct strbuf resolved_path
= STRBUF_INIT
;
189 strbuf_add(&resolved_path
, path
, pathlen
);
190 resolve_symlink(&resolved_path
);
191 strbuf_add_absolute_path(&lk
->filename
, resolved_path
.buf
);
192 strbuf_release(&resolved_path
);
195 strbuf_addstr(&lk
->filename
, LOCK_SUFFIX
);
196 lk
->fd
= open(lk
->filename
.buf
, O_RDWR
| O_CREAT
| O_EXCL
, 0666);
198 strbuf_reset(&lk
->filename
);
201 lk
->owner
= getpid();
203 if (adjust_shared_perm(lk
->filename
.buf
)) {
204 int save_errno
= errno
;
205 error("cannot fix permission bits on %s", lk
->filename
.buf
);
206 rollback_lock_file(lk
);
213 static int sleep_microseconds(long us
)
218 return select(0, NULL
, NULL
, NULL
, &tv
);
222 * Constants defining the gaps between attempts to lock a file. The
223 * first backoff period is approximately INITIAL_BACKOFF_MS
224 * milliseconds. The longest backoff period is approximately
225 * (BACKOFF_MAX_MULTIPLIER * INITIAL_BACKOFF_MS) milliseconds.
227 #define INITIAL_BACKOFF_MS 1L
228 #define BACKOFF_MAX_MULTIPLIER 1000
231 * Try locking path, retrying with quadratic backoff for at least
232 * timeout_ms milliseconds. If timeout_ms is 0, try locking the file
233 * exactly once. If timeout_ms is -1, try indefinitely.
235 static int lock_file_timeout(struct lock_file
*lk
, const char *path
,
236 int flags
, long timeout_ms
)
240 long remaining_us
= 0;
241 static int random_initialized
= 0;
244 return lock_file(lk
, path
, flags
);
246 if (!random_initialized
) {
247 srandom((unsigned int)getpid());
248 random_initialized
= 1;
251 if (timeout_ms
> 0) {
253 if (timeout_ms
<= LONG_MAX
/ 1000)
254 remaining_us
= timeout_ms
* 1000;
256 remaining_us
= LONG_MAX
;
260 long backoff_ms
, wait_us
;
263 fd
= lock_file(lk
, path
, flags
);
266 return fd
; /* success */
267 else if (errno
!= EEXIST
)
268 return -1; /* failure other than lock held */
269 else if (timeout_ms
> 0 && remaining_us
<= 0)
270 return -1; /* failure due to timeout */
272 backoff_ms
= multiplier
* INITIAL_BACKOFF_MS
;
273 /* back off for between 0.75*backoff_ms and 1.25*backoff_ms */
274 wait_us
= (750 + random() % 500) * backoff_ms
;
275 sleep_microseconds(wait_us
);
276 remaining_us
-= wait_us
;
278 /* Recursion: (n+1)^2 = n^2 + 2n + 1 */
279 multiplier
+= 2*n
+ 1;
280 if (multiplier
> BACKOFF_MAX_MULTIPLIER
)
281 multiplier
= BACKOFF_MAX_MULTIPLIER
;
287 void unable_to_lock_message(const char *path
, int err
, struct strbuf
*buf
)
290 strbuf_addf(buf
, "Unable to create '%s.lock': %s.\n\n"
291 "If no other git process is currently running, this probably means a\n"
292 "git process crashed in this repository earlier. Make sure no other git\n"
293 "process is running and remove the file manually to continue.",
294 absolute_path(path
), strerror(err
));
296 strbuf_addf(buf
, "Unable to create '%s.lock': %s",
297 absolute_path(path
), strerror(err
));
300 NORETURN
void unable_to_lock_die(const char *path
, int err
)
302 struct strbuf buf
= STRBUF_INIT
;
304 unable_to_lock_message(path
, err
, &buf
);
308 /* This should return a meaningful errno on failure */
309 int hold_lock_file_for_update_timeout(struct lock_file
*lk
, const char *path
,
310 int flags
, long timeout_ms
)
312 int fd
= lock_file_timeout(lk
, path
, flags
, timeout_ms
);
313 if (fd
< 0 && (flags
& LOCK_DIE_ON_ERROR
))
314 unable_to_lock_die(path
, errno
);
318 int hold_lock_file_for_append(struct lock_file
*lk
, const char *path
, int flags
)
322 fd
= lock_file(lk
, path
, flags
);
324 if (flags
& LOCK_DIE_ON_ERROR
)
325 unable_to_lock_die(path
, errno
);
329 orig_fd
= open(path
, O_RDONLY
);
331 if (errno
!= ENOENT
) {
332 int save_errno
= errno
;
334 if (flags
& LOCK_DIE_ON_ERROR
)
335 die("cannot open '%s' for copying", path
);
336 rollback_lock_file(lk
);
337 error("cannot open '%s' for copying", path
);
341 } else if (copy_fd(orig_fd
, fd
)) {
342 int save_errno
= errno
;
344 if (flags
& LOCK_DIE_ON_ERROR
)
345 die("failed to prepare '%s' for appending", path
);
347 rollback_lock_file(lk
);
356 FILE *fdopen_lock_file(struct lock_file
*lk
, const char *mode
)
359 die("BUG: fdopen_lock_file() called for unlocked object");
361 die("BUG: fdopen_lock_file() called twice for file '%s'", lk
->filename
.buf
);
363 lk
->fp
= fdopen(lk
->fd
, mode
);
367 int get_lock_file_fd(struct lock_file
*lk
)
370 die("BUG: get_lock_file_fd() called for unlocked object");
374 FILE *get_lock_file_fp(struct lock_file
*lk
)
377 die("BUG: get_lock_file_fp() called for unlocked object");
381 char *get_locked_file_path(struct lock_file
*lk
)
384 die("BUG: get_locked_file_path() called for unlocked object");
385 if (lk
->filename
.len
<= LOCK_SUFFIX_LEN
)
386 die("BUG: get_locked_file_path() called for malformed lock object");
387 return xmemdupz(lk
->filename
.buf
, lk
->filename
.len
- LOCK_SUFFIX_LEN
);
390 int close_lock_file(struct lock_file
*lk
)
404 * Note: no short-circuiting here; we want to fclose()
407 err
= ferror(fp
) | fclose(fp
);
413 int save_errno
= errno
;
414 rollback_lock_file(lk
);
422 int reopen_lock_file(struct lock_file
*lk
)
425 die(_("BUG: reopen a lockfile that is still open"));
427 die(_("BUG: reopen a lockfile that has been committed"));
428 lk
->fd
= open(lk
->filename
.buf
, O_WRONLY
);
432 int commit_lock_file_to(struct lock_file
*lk
, const char *path
)
435 die("BUG: attempt to commit unlocked object to \"%s\"", path
);
437 if (close_lock_file(lk
))
440 if (rename(lk
->filename
.buf
, path
)) {
441 int save_errno
= errno
;
442 rollback_lock_file(lk
);
448 strbuf_reset(&lk
->filename
);
452 int commit_lock_file(struct lock_file
*lk
)
454 static struct strbuf result_file
= STRBUF_INIT
;
458 die("BUG: attempt to commit unlocked object");
460 if (lk
->filename
.len
<= LOCK_SUFFIX_LEN
||
461 strcmp(lk
->filename
.buf
+ lk
->filename
.len
- LOCK_SUFFIX_LEN
, LOCK_SUFFIX
))
462 die("BUG: lockfile filename corrupt");
464 /* remove ".lock": */
465 strbuf_add(&result_file
, lk
->filename
.buf
,
466 lk
->filename
.len
- LOCK_SUFFIX_LEN
);
467 err
= commit_lock_file_to(lk
, result_file
.buf
);
468 strbuf_reset(&result_file
);
472 void rollback_lock_file(struct lock_file
*lk
)
477 if (!close_lock_file(lk
)) {
478 unlink_or_warn(lk
->filename
.buf
);
480 strbuf_reset(&lk
->filename
);